Athena 🌙

Athena is a web application developed in Python / Flask / SQLite that has two faces.

GOOD: Tries to code with secure development best practices in mind.

BAD: Tries to code like (possibly) you.

OWASP Application Security Verification Standard :

The "GOOD" version (not finished yet) will comply with the OWASP ASVS:

This will permit learn how to develop python code following the best security practices.

Installation 💼

      pip install Flask
      
      sudo apt install sqlite3

      git clone https://github.com/GDGSNF/Athena.git
      
      cd Athena
      
      pip3 install --user -r requirements.txt

After Installing the Project Now you will be able to do some steps to run Athena :

      sudo ./install.sh

If you found a key or a registry id that devl@kali not the creator report on issues or contact Me :
Exemple of key :

ED44FF07D8D0BF6
Kali linux Repository<devel@Kali.org>

Both, "BAD" and "GOOD" versions, requires an initialization of the database.

This is done with the script "db_init.py" inside each of the directories (bad, and good).

Each version has their own sqlite files for the users and posts.

The execution of the script is, for example:

    cd bad
    ./db_init.py

Or :

    cd good
    ./db_init.py

Some of the vulnerabilities present on the "BAD" version:

Note: The "GOOD" version (not finished yet) is supposed to don't have vulnerabilities, but I'm a human being, so...

After database initialization, three users are created:

You can login with any user, the application doesn't have a permissions system, so, the three have the same permissions.

Contributions are welcome! ♥! Please share any features, and add unit tests! Use the pull request and issue systems to contribute.